[Mimedefang] Re: MIMEDefang HOWTO
Jeremy Mates
jmates at sial.org
Thu Dec 26 16:25:01 EST 2002
* Sean Ellis <sellis at telus.net> [2002-12-26T12:48-0800]:
> What works for me in moments of apprehension like this is to do a dry
> run on test machine. Note down everything everything that you do
> along the way (the `script` command might be useful). When you're
> happy with it, and during a low-traffic time slot, redo the procedure
> on the "live" unit.
I'd also recommend doing the sendmail 8.11 -> 8.12 upgrade first on a
non-production system, especially if this is your first time using
8.12. The security changes in 8.12 (no suid bit) change a number of
operational details that can easily throw your upgrade off.
MIMEDefang can easily be added to a production sendmail with MILTER
support; simply configure /etc/mail/mimedefang-filter to report only,
and make sure you call mimedefang.pl such that mail still flows if
mimedefang is having issues. In your .mc file for sendmail.cf:
INPUT_MAIL_FILTER(`mimedefang', `S=unix:/var/spool/MIMEDefang/mimedefang.sock, T=S:5m;R:5m')
define(`confMILTER_LOG_LEVEL', 1)
Sample log-only configuration (except for viruses tagged by clamav,
which are blocked. A few of my users have a steady supply of Klez I
wanted to get rid of while gathering data):
http://www.sial.org/sendmail/doc/mimedefang-filter.logonly
--
Jeremy Mates http://www.sial.org/
OpenPGP: 0x11C3D628 (4357 1D47 FF78 24BB 0FBF 7AA8 A846 9F86 11C3 D628)
More information about the MIMEDefang
mailing list